![]() |
|
How Access Rights for Working with Primary Record-Type Records are DeterminedWhen a user tries to update, delete, or drill down to see more details on a primary record, Oracle CRM On Demand uses the following process to determine what actions the user can perform on the record:
More information about how Oracle CRM On Demand determines the access levels granted by the reporting hierarchy, membership of custom books, user delegation, and team membership is provided in the rest of this topic. Oracle CRM On Demand always uses the most permissive level of access from each of these access-control components, so keep this in mind when you create access profiles and assign them to users, books, and teams. The combination of the access permissions for the record determines what actions the user can perform on the record. If the user has at least read-only access to the record, the record details are displayed. Otherwise, the user sees an error message. Access Rights from the Reporting HierarchyTo determine the access rights that can be granted through a user’s position in the reporting hierarchy, Oracle CRM On Demand considers the following for each subordinate of the user:
NOTE: If the subordinate is not the record owner or a member of the team for the record, the subordinate does not contribute to the access calculation. Oracle CRM On Demand then considers all of the access rights that subordinates contribute to the access calculation and calculates the most permissive access level that can be given to the user. Access Rights from Membership of Custom BooksTo determine the access rights that can be granted through a user’s membership of custom books, Oracle CRM On Demand considers the following:
In all cases, if one or more of the access levels for the record is Inherit Primary, then the inherited access level of the primary record type is used. If more than one access level for the record is Inherit Primary, then a union of the inherited access levels of the primary record types from each access profile is used. Oracle CRM On Demand then considers all levels of access that book membership contributes to the final access calculation and determines the most permissive access level that can be given to the user. Access Rights from User DelegationTo determine the access rights that can be granted through user delegation, Oracle CRM On Demand considers the following for each delegator (that is, each user for whom the current user is a delegate):
Oracle CRM On Demand then considers all levels of access that user delegation contributes to the access calculation and determines the most permissive access level that can be given to the user. Access Rights from Team MembershipIf the user is a team member on a record (but is not the owner of the record), Oracle CRM On Demand extracts the access level for the primary record type from the access profile on the user’s team membership. Related TopicsSee the following topics for related information: |
Published 7/3/2018 | Copyright © 2005, 2018, Oracle. All rights reserved. Legal Notices. |